package com.hp.authweb.service.sercrity;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.social.security.SpringSocialConfigurer;


/**
 * @Description:
 * @author hp
 * @date 2018年6月16日 下午4:31:34
 */
@Configuration
public class MyWebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	private UserDetailService userDetailService;

	@Autowired
	private PasswordEncoder passwordEncoder;
	
	@Autowired
	private PersistentTokenRepository persistentTokenRepository;
	
	@Autowired
	private SpringSocialConfigurer socialSecurityConfig;
	
	@Autowired
	private MyAuthenticationFailureHandler myAuthenticationFailureHandler;
	
	@Autowired
	private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
	

	@Override
	protected void configure(HttpSecurity http) throws Exception {

		http.headers().frameOptions().disable() 					//去掉X-Frame-Options 引起的页面加载错误
				.and().apply(socialSecurityConfig)  				//配置三方登录 
					  .alwaysUsePostLoginUrl(true)
					  .postLoginUrl("/main.html")
				.and().formLogin()            						//配置表单登录
					.failureHandler(myAuthenticationFailureHandler)
					.successHandler(myAuthenticationSuccessHandler)
					.loginPage("/index.html")						// 指定登录页是"/index"
					.loginProcessingUrl("/login")					
					.defaultSuccessUrl("/main.html",true)			// 登录成功后默认跳转到"/main",true-启动后一直用这个登录成功的配置
					//.failureHandler(authenticationFailureHandler)
					//.failureForwardUrl("/index.html")
					
				.and().logout().logoutSuccessUrl("/index.html")		// 退出登录后的默认url是"/index"
				.and().rememberMe() 								// 登录后记住用户，下次自动登录,数据库中必须存在名为persistent_logins的表
						.tokenRepository(persistentTokenRepository)
						.tokenValiditySeconds(36000)		  			//过期时间 3600秒
						.userDetailsService(userDetailService)
				.and().authorizeRequests().antMatchers("/index.html","/signUp.html").permitAll()
				.anyRequest().authenticated()						// 其他所有资源都需要认证，登陆后访问
				.and().csrf().disable();							//关闭csrf
		

		
	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.userDetailsService(userDetailService).passwordEncoder(passwordEncoder);
	}
	
	/**
	 * 忽略静态资源
	 */
	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/**/*.css","/**/*.jpg","/**/*.js","/**/*.png","/**/*.woff2");
	}
	
}
